Date: Sat, 25 Oct 2008 20:27:51 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security <oss-security@...ts.openwall.com>
Cc: coley@...re.org
Subject: CVE request: lynx (old) .mailcap handling flaw
Hi Steven!
There's one old lynx issue that seem to need a 2006 CVE id. lynx
browser prior to 2.8.6rel.4 tries to open mailcap and mime type
definition files form the current directory. If user can be convinced
to run lynx in a specially crafted directory, an attacker controlling
the directory may be able to run arbitrary code as the victim running
lynx.
Issue was originally reported in Debian BTS:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949
Some details can be found in our BZ as well:
https://bugzilla.redhat.com/show_bug.cgi?id=214205
Thank you!
--
Tomas Hoger / Red Hat Security Response Team